Published on February 24th, 2014 | by Nigel Peters0
The Importance of Cyber Security in Business Today
The need for cyber security is growing and more prevalent than ever before. Alium Partners Managing Partner Nigel Peters offers insights into how businesses can prepare for and resist a cyber attack.
Recently, I was most privileged to be invited to attend an informative briefing on the importance of cyber security, hosted by Bloomberg and Leading Authorities. The event guest speaker was General Michael Hayden, who, amongst other impressive roles, was the Director of the CIA and the NSA in the United States – so a real voice of authority for the subject in hand. But the parallels and consequences that I drew for business and cyber security were for me the most revealing.
The Cyber Threat in Today’s World
The General started by highlighting how cyber security and online risk could no longer be ignored – if you thought globalisation happened fast 500 years ago, just think how quickly the net moves! The online world has the ability to be incredibly convenient and help people, businesses and countries grow and gain e.g. China – but there is no built in security at its core. Remember, the web was simply designed to transfer large volumes of data between trusted friends; so how can cyber environments be defended? This is the challenge of today’s world.
The Growing Cyber Security Threat
As consumers, we all know the everyday stories of cyber risk – credit cards, identity theft, hacking etc – these kinds of threats are all too common. However, these risks are now becoming much bigger in scale and complexity and businesses need to be aware of the disruption they can cause. The General highlighted an example of a major oil company who recently discovered over 35,000 of their hard drives had been wiped of information due to a lack of cyber security.
The Global Scope of Cyber Attacks
He also highlighted what different countries were doing in order to combat this threat around the world including the impact in America and China, and how large economies such as these are combating threats from smaller “rogue” states who are trying to infiltrate and damage critical systems and infrastructure. In military terms, the cyber threat is a whole new weapon and is a complete game changer for all those involved - from nations and governments, to ground level gangs and lone operators. Everyone is becoming an expert.
So What Is the Solution To the Cyber Security Threat?
When trying to find a solution – and a whole industry has sprung up with this as its raison d’être, it must be remembered that this is much more than one problem. Therefore finding a remedy on a constantly moving target is incredibly difficult. But there are common equations you can employ to measure and understand the level of risk your business is facing – for example:
Risk = Consequence × Threat × Vulnerability
In order to succeed, what businesses must practice is consequence management. No matter if the business risk is potential or current, understanding the consequence will mean that you can also assess the threat and vulnerability to your organisation and protect as necessary. But don’t wait for risk to come onboard – it is good practice to try and simulate what different cyber breaches could mean for a business and how you would manage them.
Cyber Security Brings Private Sector Opportunities
So the opportunity for business to protect themselves is apparent. But the opportunity for the private sector to capitalise on this situation is also there too – especially to the public sector. Governments neither have the resource, budget or capability to perform the levels of cyber security needed in today’s global terrorist environment. As I said above, there is an industry out there and we at Alium are also seeing a significant increase in demand for individuals with specific cyber security experience as businesses assess their threat levels.
Cyber Security Management Starts With the Board
Although more organisations are taking cyber security seriously, but many are still late adopters and it is important that those in positions of influence – CFOs, CEOs, COOs etc. listen to their CIOs who should be investing in systems and specialists to maximize business protection and mitigate the threat. Like health and safety, investment in the management of this business risk will bring its own rewards and we shouldn’t wait for legislation to drive this need. The need is now.
Who is Responsible for Managing Cyber Risks?
So who is managing and owning this risk? Is the impact so great that in fact this risk should not only be owned by the Board but that there is someone specifically on the Board? What every business must ask themselves right now is:
“Who is in charge of cyber security?”
Is it the CIO or the CEO? From an SME to a FTSE-100, cyber security transcends national borders and traditional frontiers. Making sure your governance of it is clear will be the key to success and a robust digital infrastructure fit for the future - and a business that is successful.
How real is the cyber threat to your business? Do you feel this is a real threat, or one that is a passing phase that only affects a small number of organisations? Please leave your comments below.
Photo Credit: AKodisinghe